CVE-2013-3321

High

NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to…

mitre·CWE-829·Published 2020-01-29

CVSS

7.5

EPSS

0.02

KEV

Exploits

cve.orgen

199 chars

NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.

NVDen

199 chars

NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.

NetApp OnCommand System Manager versiones 2.1 y anteriores, permiten a atacantes remotos incluir archivos arbitrarios por medio de peticiones especialmente diseñadas en la página "diagnostic" utilizando el parámetro de ruta de registro SnapMirror.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.0	6.8	6.4	AV:N/AC:M/Au:S/C:P/I:P/A:P
3.1	Primary	NVD	7.5	1.6	5.9	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H